diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index c1db1766b..35ecfe299 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -73,7 +73,7 @@ def authenticate_user_with_basic_auth!
   def authenticate_user!
     type, credentials = type_and_credentials_from_request_headers
     return false if credentials.blank?
-    raise JWT::VerificationError if (ENV['JWT_BLACKLISTED'] == credentials)
+    raise JWT::VerificationError if ENV["JWT_BLACKLISTED"].split(",").include?(credentials)
 
     @current_user = User.new(credentials, type: type)
     fail CanCan::AuthorizationNotPerformed if @current_user.errors.present?
diff --git a/config/application.rb b/config/application.rb
index 52c3d7313..ef92425a5 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -59,8 +59,6 @@
 ENV['MG_DOMAIN'] ||= "mg.datacite.org"
 ENV['HANDLES_MINTED'] ||= "10132"
 ENV['REALM'] ||= ENV['API_URL']
-ENV['JWT_BLACKLISTED'] ||= ENV['JWT_BLACKLISTED']
-
 
 module Lupo
   class Application < Rails::Application